Spyware and cyberattacks have skyrocketed this year, as Africans take to the internet to stay in touch with family and friends due to the COVID-19. Kenya, Nigeria, and South Africa experienced millions of malware and other attacks between January and August 2020, according to data from cybersecurity company Kaspersky.
Potentially unwanted applications (PUA), also known as grayware, are programs that come pre-installed on phones and computers and can pose security and privacy risks. Malware, which includes spyware and viruses, is software designed to cause damage.
“In some countries, these attacks have taken a new dimension, impersonating non-governmental organisations working on COVID-19 response.” - Verengai Mabika, Internet Society
“There were 3.8 million malware attacks and 16.8 million PUA detections,” says Kaspersky. “In South Africa, there were almost ten million malware attacks and a staggering 43 million PUA detections. Kenyan users faced even more malware attacks — around 14 million and 41 million PUA appearances.”
Zimbabwe’s Verengai Mabika, senior policy advisor for Africa for the non-profit Internet Society, told SciDev.Net that the number of cyberattacks has grown five times during the COVID-19 pandemic, exposing Africa’s limited digital awareness and capacity.
“In some countries, these attacks have taken a new dimension, impersonating non-governmental organizations working on COVID-19 response, or phishing using the subject of coronavirus or COVID-19 as a lure,” Mabika says.
Cyberattacks can lead to breaches of national security secrets or theft of valuable, sensitive data like medical records and computer networks can be paralyzed making data unavailable, Mabika explains.
Denis Parinov, a security researcher at Kaspersky, tells SciDev.Net that home users in the region have a higher chance of malware infection compared with corporate users.
“Users at home are generally less aware of computer threats and tend to be more carefree when browsing the internet, reading emails, or installing software,” he says.
Parinov says cyberattacks can be avoided by not downloading unknown software, avoiding suspicious links or links from unknown sources, and manually typing a website address, rather than following a link.
Mabika says Africa’s vulnerabilities stem from the lack of cybersecurity legal frameworks, lack of digital literacy, and weak cybersecurity systems.
“Many countries still have not ratified the African Union Convention on Cyber Security and Personal Data Protection, known as the Malabo Convention, which could give a framework for responding to these threats,” Mabika explained.
He says cybersecurity does not seem to be a top priority for most countries.
Thabo Johnson, founder of the South Africa-based African Society for Cyber Security Awareness, says there is no government program or campaign for cybersecurity awareness.
Most African countries, including South Africa, do not have a cybersecurity law, he says, adding that leaders do not seem to understand the danger of cyberattacks.
“We don’t have a platform to report or prevent the attacks,” he says.
Johnson calls on the government to invest in massive awareness campaigns and programs and enact requisite laws.
Subcribe to our Daily Brief newsletter
Insights and analysis into how business and technology impact Africa. We promise to leave you smarter and asking the right questions every time after you read it. Sent out every Monday to Friday.
This piece was produced by SciDev.Net’s Sub-Saharan Africa English desk.Share this via: